Huawei uses machine translation combined with human proofreading to translate this document to different languages in order to help you better understand the content of this document.
Note: Even the most advanced machine translation cannot match the quality of professional translators.
Huawei shall not bear any responsibility for translation accuracy and it is recommended that you refer to the English document (a link for which has been provided).

An overlay network is a logical network deployed over a physical
network and can be regarded as a network connected through virtual
or logical links.

An overlay network has its own control plane and forwarding plane.

An overlay network is a step forward for a physical network towards
cloud and virtualization. An overlay network is critical for cloud
network convergence because it frees cloud resource pool capabilities
from various restrictions of the physical network.

Underlay network

An underlay network is the physical network that bears the
overlay network.

Separate deployment

Separate deployment indicates that data center gateways
are independent from PEs on the DCI backbone network.

Integrated deployment

Integrated deployment indicates that a device functions
not only as a data center gateway but also as a PE on the DCI backbone
network. Integrated deployment applies when data centers are established
by carriers themselves.

DCI Scenarios

As shown in Figure 12-45, the devices access
DCI-PE-GWs through a VXLAN or VLAN. MPLS VPN and MPLS EVPN can be
deployed on the DCI backbone network to implement Layer 3 forwarding
and Layer 2 forwarding, respectively.

Figure 12-45 Basic DCI scenarios

DCI Control Plane

A data center uses EVPN to send IRB or IP
prefix routes with tenant host IP addresses to an edge device on a
carrier network. After receiving the VXLAN-encapsulated routes, the
edge device changes them to MPLS-encapsulated VPNv4 routes, and sends
the VPNv4 routes to its VPNv4 peer.

Table 12-8 Routes on the data center and carrier network sides

Side

Route

Fields Carried in the Route

Data center

EVPN IRB route

RD1: route distinguisher of an EVPN instance

VM-MAC: MAC address of a VM host

VM-IP: IP address of a VM host

Label1: Layer 2 VXLAN network identifier (L2VNI) of a VXLAN tunnel

Label2: Layer 3 VXLAN network identifier (L3VNI) of a VXLAN tunnel

NHP: next-hop IP address of a route, which is the virtual tunnel
end point (VTEP) address of a device in the data center

ExtCommunity: extended community attribute of the route, including
the VXLAN, Router-MAC, and export route target (ERT) attributes

EVPN IP prefix route

RD1: route distinguisher of an EVPN instance

VM-IP: IP address of a VM host

Label1: L3VNI of a VXLAN tunnel

NHP: next-hop IP address of a route, which is the virtual tunnel
end point (VTEP) address of a device in the data center

ExtCommunity: extended community attribute of the route, including
the VXLAN, Router-MAC, and ERT attributes

Carrier network

VPNv4 route

RD2: route distinguisher of the VPNv4 route

VM-IP: IP address of a VM host

Label: VPN label and public network label carried in the VPNv4
route

NHP: next-hop IP address of a route, which is the IP address used
to establish the VPNv4 peer relationship

ExtCommunity: extended community attribute of the route, including
only the ERT attribute

In DCI solutions, a carrier network can carry Layer 3 traffic,
in both integrated and separated deployment scenarios. In the two
scenarios, Layer 3 route advertisement processes on the DCI backbone
network are the same. This section describes the Layer 3 route advertisement
process only in the integrated deployment scenario. Figure 12-46 shows the networking
of the integrated deployment scenario.

Figure 12-46 Basic MPLS integrated deployment scenario

Figure 12-47 illustrates
the Layer 3 route advertisement process. The detailed process is described
as follows:

After receiving a VM host route from Device 1, DCI-PE1-GW1 parses
the route, regardless of whether it is an IRB or IP prefix route.

Based on the RT of the VM host route, DCI-PE1-GW1 crosses the
VPNv4 route to a local VPN instance.

DCI-PE1-GW1 changes the next hop of the EVPN route to the IP address
used to establish the VPNv4 peer relationship, performs re-encapsulation,
and replaces the RD and RT of the EVPN route with the RD and RT of
the L3VPN instance, respectively. In addition, DCI-PE1-GW1 applies
for an MPLS label and sends the VPNv4 route to DCI-PE2-GW2.

Based on the RT of the VPNv4 route, DCI-PE2-GW2 crosses the VPNv4
route to a local VPN instance.

DCI-PE2-GW2 changes the next hop of the VPNv4 route to the local
VTEP address, performs re-encapsulation, replaces the RD and RT of
the VPNv4 route with the RD and RT of the L3VPN instance, respectively.
In addition, DCI-PE2-GW2 adds the L3VNI and sends the EVPN route to
Device 2.

Figure 12-47 Layer 3 routes in an MPLS integrated deployment scenario

Layer 2 Route
Advertisement

A data center sends EVPN routes with tenant
host MAC addresses to an edge device on a carrier network. After receiving
the routes, the edge device changes them into MPLS-encapsulated EVPN
routes, and sends the EVPN routes to its EVPN peer.

Table 12-9 Routes on the data center and carrier network sides

Side

Route

Fields Carried in the Route

Data center

EVPN MAC route or ARP route

RD1: route distinguisher of an EVPN instance

VM-MAC: MAC address of a VM host

VM-IP: IP address of a VM host, which is carried only in ARP routes

Label1: L2VNI of a VXLAN tunnel

NHP: next-hop IP address of a route, which is the virtual tunnel
end point (VTEP) address of a device in the data center or the IP
address used to establish an EVPN peer relationship

ExtCommunity: extended community attribute of the route, including
the VXLAN and ERT attributes

Carrier network

EVPN ARP or ARP route

RD2: route distinguisher of the EVPN route

VM-MAC: MAC address of a VM host

VM-IP: IP address of a VM host, which is carried only in ARP routes

Label: VPN label and public network label carried in the EVPN
route

NHP: next-hop IP address of a route, which is the IP address of
an EVPN peer or the IP address used to establish an EVPN peer relationship

ExtCommunity: extended community attribute of the route, including
only the ERT attribute

In DCI solutions, a carrier network can carry Layer 2 traffic
only in the integrated deployment scenario.

Figure 12-48 illustrates the Layer
2 route advertisement process. The detailed process is described as
follows:

After receiving a VM host MAC route from Device 1, DCI-PE1-GW1
parses and learns the route.

Based on the RT of the VM host MAC route, DCI-PE1-GW1 crosses
the EVPN route to a local EVPN instance.

DCI-PE1-GW1 changes the next hop of the EVPN route to the IP address
used to establish the EVPN peer relationship, performs re-encapsulation,
and replaces the RD and RT of the VXLAN-encapsulated EVPN route with
the RD and RT of the EVPN instance, respectively. In addition, DCI-PE1-GW1
applies for an MPLS label and sends the EVPN route to DCI-PE2-GW2.

Based on the RT of the EVPN route, DCI-PE2-GW2 crosses the EVPN
route to a local EVPN instance.

DCI-PE2-GW2 changes the next hop of the EVPN route to the local
VTEP IP address, performs re-encapsulation, and replaces the RD and
RT of the EVPN route with the RD and RT of the EVPN instance, respectively.
In addition, DCI-PE2-GW2 adds the L2VNI and sends the EVPN route to
Device 2.

Figure 12-48 Layer 2 routes in an MPLS integrated deployment scenario

DCI Data Plane

In DCI solutions, after a
device on a carrier network receives a packet from a data center,
the device forwards the packet through the data plane. The packet
is then transmitted hop by hop over the backbone network, implementing
inter-data center communication.

Layer 3 Traffic Forwarding

In DCI solutions, a carrier
network can carry Layer 3 traffic, in both integrated and separated
deployment scenarios. In the two scenarios, traffic forwarding processes
on the data plane over the DCI backbone network are the same. This
section describes the traffic forwarding process only in the integrated
deployment scenario.

Figure 12-49 Basic MPLS integrated deployment scenario

On the network shown in Figure 12-49, Layer 3 traffic forwarding
on the data plane is described as follows:

After receiving a VXLAN packet carrying a VM host route from Device
1 in data center A, DCI-PE1-GW1 parses the packet and obtains the
corresponding VPN instance according to VNI carried in the packet.
In addition, DCI-PE1-GW1 searches the VPN instance for the outbound
interface and encapsulation information based on the prefix of the
VM host route's destination IP address. Because the outbound interface
is an MPLS tunnel interface, DCI-PE1-GW1 encapsulates the inner Layer
3 packet using MPLS and sends the MPLS packet through the MPLS tunnel
over the backbone network.

After DCI-PE2-GW2 receives double-tagged MPLS packet, it parses
the packet using MPLS, removes the outer MPLS public network label,
and obtains the corresponding VPN instance based on the VPN label.
Then, DCI-PE2-GW2 searches the VPN forwarding table based on the prefix
of the VM host route's destination IP address. Because the next hop
is a VXLAN tunnel interface and the VTEP of the VXLAN tunnel is Device
2 in data center B. DCI-PE2-GW2 encapsulates the original data packages
and attributes such as L3VNI and Router-MAC into a VXLAN packet and
sends it to Device 2.

Layer 2 Traffic Forwarding

In DCI solutions, a carrier
network can carry Layer 2 traffic only in the integrated deployment
scenario.

On the network shown in Figure 12-49, Layer 2 traffic forwarding
on the data plane is described as follows:

After receiving a VXLAN packet carrying a VM MAC route from Device
1 in data center A, DCI-PE1-GW1 parses the packet and obtains the
corresponding Layer 2 broadcast domain according to the VNI carried
in the packet. In addition, DCI-PE1-GW1 searches the Layer 2 broadcast
domain for the outbound interface and encapsulation information based
on the destination MAC address of the VM host. Because the outbound
interface is an MPLS tunnel interface, DCI-PE1-GW1 encapsulates the
inner Layer 2 packet using MPLS and sends the MPLS packet through
the MPLS tunnel over the backbone network.

After DCI-PE2-GW2 receives the MPLS packet, it parses the packet
using MPLS, removes the outer MPLS public network label, and obtains
the Layer 2 broadcast domain based on the EVPN label and BD ID. Then,
DCI-PE2-GW2 searches the Layer 2 broadcast domain based on the destination
MAC address of the VM host. Because the outbound interface is a VXLAN
tunnel interface and the VTEP of the VXLAN tunnel is Device 2 in data
center B, DCI-PE2-GW performs VXLAN encapsulation based on the VXLAN
tunnel information, and sends the VXLAN packet to Device 2.